Pursuing

Today I came across the command ‘switchport protected.’ I didn’t know what that meant, so I looked it up. Cisco’s documentation can be found here. To put it simply, protected ports are a poor man’s isolated private VLAN. Two (or more) protected ports cannot speak to each other at Layer 2 on the same switch. However, they can speak to unprotected ports without a problem, and if traffic from one port bounces off a L3 device it can then reach other protected ports. Also, the protection status is local to a switch. Host A on SwitchA’s protected port 1 can still talk to Host B on SwitchB’s protected port 1 as long as there’s a trunk between the switches.